The 2015 Data Breach Toll

Hilary Tuttle


February 1, 2016

2015 data breach report

According to the Identity Theft Resource Center, 2015 saw 780 data breaches that exposed a total of 177,866,236 records.

The ITRC’s list compiles data breaches confirmed by various media sources and notifications from governmental agencies, including many that do not trigger data breach notification laws, such as the exposure of user names, emails and passwords that do not involve sensitive personal identifying information, although these are excluded from the total number of records exposed.

The center’s last report of 2015 indicates that most breaches occurred in the business and health care sectors, representing 40% and 35.4% of the total, respectively. In terms of records exposed, however, breaches were far more damaging in the health care and government/military sectors, with medical/health care entities accounting for 68.4% of all records exposed. While government/military entities only suffered 8.1% of the breaches, they were responsible for exposing 19.2% of all records. Business breaches exposed 9.1% of the total number of records, the banking/credit/financial sector exposed 2.8%, and educational entities 0.4%.

Overall, data breaches were up just under 1% in 2015 compared to 2014.

Hilary Tuttle is managing editor of Risk Management.